Privacy Policy

Last updated: 20 June 2026

This policy explains what huff collects, why, how long we keep it, who we share it with, and the rights you have. huff is a private wishlist app: you save things you want, and only people you have already saved in your own contacts can see them. We have built the product to collect as little as possible.

If you have questions, email us at privacy@huffme.com.

What we collect

Your phone number. Used to create and sign in to your account (via Firebase phone authentication). Stored in standardised (E.164) form.
Your contacts — hashed on your device, never as raw numbers. To work out who can see your list, we need to compare contacts. Your phone numbers are turned into irreversible hashes on your device (see "On-device contact hashing" below) before anything leaves it. We never receive your contacts' actual phone numbers or names.
Your wishlist and event content. The items, links, notes, and events you add.
Your delivery address — only if you choose to add one so a gifter can ship to you.
Affiliate-click records. When you tap a "Buy now" link, we record that a click happened (and to which merchant) so we can be credited for any resulting purchase. We do not receive your payment details or what you bought.
Usage and diagnostics — only if you opt in. App analytics and crash reports help us fix bugs and improve the app. These are off unless you allow them.
Device push token — if you enable notifications, so we can deliver them.

How we use it

Authenticate you and keep your account secure.
Determine, using hashed contacts, whose lists you can see and who can see yours.
Show your wishlists and events to the right people, and deliver reminders/notifications you have asked for.
Credit purchases made through affiliate links (how we keep the app free).
With your consent, measure usage and diagnose crashes to improve huff.

We do not use your data for advertising profiles, and we do not build a public profile of you.

On-device contact hashing

Working out who can see your list requires comparing contacts — but we never want your contacts' raw numbers. So each number is hashed on your device with Argon2id (a deliberately slow, memory-hard hash) using a server-provided salt plus a daily-rotating salt, then truncated. Only these irreversible hashes are sent to us; they cannot be turned back into phone numbers. Your contacts' real numbers and names never leave your device.

We share data only with the service providers we need to run huff, each acting on our instructions:

Google Firebase — phone authentication, app integrity (App Check), and push delivery.
ScraperAPI — fetches a product page when you paste a link, so we can show its title, image, and price.
Cuelinks — affiliate attribution for outbound "Buy now" links.
Amplitude — usage analytics, only if you opt in.
Sentry — crash and error diagnostics, only if you opt in.

We may also disclose data if required by law, or to protect the rights and safety of our users and the public.

We do not sell your data

We do not sell your personal information, and we do not share it for cross-context behavioural advertising.

How long we keep it

We keep your account data for as long as your account exists. When you delete your account, we remove your data (see Delete your account). One exception: a short, irreversible digest of recently-deleted phone numbers is kept for about 90 days so a recycled phone number can't inherit a previous owner's visibility. It contains no recoverable identity information.

Security

We protect data in transit and at rest and limit access to it. No system is perfectly secure, but if a breach affects your personal data we will notify you and the relevant authorities as required by law.

Children

huff is not for children. You must be at least 16 to use huff (and 18 where local law requires it — including India). We do not knowingly collect data from anyone below the applicable age; if we learn we have, we delete it.

Your regional rights

Wherever you live, you can request access to, correction of, or deletion of your personal data by emailing privacy@huffme.com.

Our legal bases are your consent (for opt-in analytics, notifications, and contact hashing) and our legitimate interests (keeping the service secure and crediting affiliate purchases that fund it). You have the rights of access, rectification, erasure, restriction, data portability, objection, and to withdraw consent at any time. We respond within one month. If you are not satisfied, you may complain to your local Data Protection Authority, or in the UK to the Information Commissioner's Office (ICO) — https://ico.org.uk/make-a-complaint/.

California (CCPA / CPRA)

We collect the categories described in "What we collect" (identifiers, contacts-derived hashes, and — if opted in — usage data). You have the right to know what we collect, to delete it, to correct it, and to opt out of any sale or sharing for cross-context behavioural advertising — we do not sell or share your personal information, so there is nothing to opt out of. To exercise these rights, email privacy@huffme.com. We will not discriminate against you for exercising them.

India (DPDP Act, 2023)

We process your data on the basis of your consent, which you can withdraw at any time (turn off a feature, or delete your account). You have the rights of access, correction, and erasure, and to nominate someone to exercise them. For grievances, email privacy@huffme.com — we acknowledge within 7 days and aim to resolve within 30. If unresolved, you may approach the Data Protection Board of India.

Other regions

The core rights — access, correction, and deletion — are available to everyone, everywhere, via privacy@huffme.com.

How to delete your account

You can delete your account at any time from Settings → Delete account in the app, or by emailing privacy@huffme.com. See Delete your Huff account for what happens.

Changes to this policy

If we change this policy we will update the date above and, for material changes, notify you in the app.

Contact

privacy@huffme.com